Internet Browsing – Do you know the danger of drive-by downloads

Internet Browsing – Do you know the danger of drive-by downloads

Internet Browsing – The danger of drive-by downloads

A drive-by download refers to the unintentional download of a virus or malicious software (malware) onto your computer or mobile device.

Now, just opening a compromised web page could allow dangerous code to install on your device. Gone are the days when you had to click to “accept” a download or install a software update in order to become infected.

You just need to visit or “drive by” a web page, without stopping to click or accept any software, and the malicious code can download in the background to your device. A drive-by download will usually take advantage of (or “exploit”) a browser, app, or operating system that is out of date and has a security flaw. This initial code that is downloaded is often very small and not noticed), since its job is often simply to contact another command and control computer/server where it can download the rest of the remainder of the malware code on to your smartphone, tablet, or computer. Often, a web page will contain several different types of malicious code, in hopes that one of them will match a weakness on your computer.

These downloads may be placed on otherwise innocent and normal-looking websites. You might receive a link in an email, text message, or social media post that tells you to look at something interesting on a site. When you open the page, while you are enjoying the article or cartoon, the download is installing on your computer.

The website of celebrity chef Jamie Oliver—which receives 10 million visits per month on average—was infecting visitors this week with malware through the Fiesta Exploit Kit, which leverages the recently patched Adobe Flash zero-day vulnerability.

First seen by security researchers at Malwarebytes Labs, the attack runs contrary to most web-borne exploits, as this one was not the result of a malicious ad (malvertising) but rather a careful and well hidden malicious injection in the site itself.

Malwarebytes said that it contacted the administrators of the site immediately upon discovery of the infection.

The best protection against Drive-By infections for all users are

Keep your Internet browser, and operating system up to date

Use an internet security browsing service or a safe search tool that warns you when you navigate to a malicious site

Use comprehensive security software on all your devices, and keep it up to date.